Router as Bridge

Unanswered Question
Jul 2nd, 2008

Is it possible to configure a Router as Bridge? I wanted to know how best it can be configured securely over the Internet from once location to another location. Reason, I wanted to have NLB configured on the server which is located on two different places, where I will be using the same subnet on both the location. Idea is to have a extended LAN over the Internet securely using an Bridging configuration.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Paolo Bevilacqua Wed, 07/02/2008 - 13:57

What is NLB ?

Bridging is generally a bad idea, even more over the internet, so if you could be more specific on the reasons you think bridging is necessary in you case.

Anand S Wed, 07/02/2008 - 14:02

2 windows servers will be located in 2 different places, by configuring Network Load Balancing(NLB) on the server, a virtual IP address is entered on NLB adapter which is same like a standby IP in HSRP concept. All the users will be pointing to the virtual IP even If one server fails on one location, still the users can reach to the other location without having IP address changed. This requires both the servers to fall under the same subnet. Either configuring through a VPN or Router to act as bridge anything would be fine.

Paolo Bevilacqua Wed, 07/02/2008 - 14:08


Since to my knowledge NLB (thanks for clarifying) does not have the ability to understand which clients are actually local to the same location, and which ones are remote, statistically you will end having one half of the client-server connections going over the internet, with a large loss in performance.

Not to mentioned the NLB maintenance traffic between servers, also eating performances and response time.

For this reason I suggest you do not pursue this design that doesn't have any documented reference as best practices, be that of MS or Cisco.

It would be really better to find another technique for server redundancy, and I believe there are some (sorry I can't be more precise as it also depends on the intended application).

Anand S Wed, 07/02/2008 - 14:46

But how about the Router to act as Bridge configuration?

Tony.henry Wed, 07/02/2008 - 19:06


How does you ISP intend to make this happen for you?

Given that NLB all needs to be in the same Network. won't that necessitate the ISP having a bridge configured? If not won't all the traffic headed to your server go first through your main site and then be tromboned back across the internet to the second site?

maybe round robin DNS is something you should be looking at?



Richard Burts Thu, 07/03/2008 - 08:05


You have asked (twice now) about how to configure a router to act as a bridge and that question deserves an answer. It would look something like this:

no ip routing

bridge 1 protocol ieee

interface fastether0/0

no ip address

bridge-group 1

interface fastether0/1

no ip address

bridge-group 1

As others have pointed out this configuration would not be a very effective solution for your requirements. In addition to the points that others have made, I would make the point that the Internet is a routed environment and that bridging through the Internet is not supported.



Anand S Thu, 07/03/2008 - 09:42

Thanks for the clarification. But is there any possibility over Cisco PIX/ASA having VPN established in a bridging mode?

saugato2000 Thu, 07/03/2008 - 20:47

Hi Anandanarayana,

No Cisco PIX/ASA can establish VPN just like a router but would not again help in bridging.

You can ofcource use VPN(IPSEC/GRE).Another alernative to this option would be to take point to point lease circuit and configure same in bridge mode to take L2 traffic across the same.


This Discussion